Archives

Local Network Capture and SSL/TLS Decryption

With the year coming to an end, we thought we might share with you what new exiting technical features we are working of for payments analytics system.

One of the most elegant and accurate ways to get hold of your payments data is through the capture of the transactional network data. By inspecting the network traffic, you get a real-world view of payment systems performance. This approach is similar to the way Wireshark inspects network traffic, but our system does all the heavy lifting for you by decoding the network data up to a transactional message-level, which would make sense to you.

Originally, our system was designed to run on a standalone server with network traffic being analysed remotely. However, a number of our clients prefer the system to be installed on their main processing servers, such as Base24, Postilion and Connex. In these cases, we need to capture the local network data stream. Furthermore, in some instances these data streams are encrypted using SSL (Secure Socket Layer) or TLS (Transport Layer Security), which naturally makes decoding the data impossible.

To address these challenges, we are developing two new components:

A local loopback network capturer.

A SSL and TLS network traffic decrypter.

Our loopback network capture device is already up and running and we are currently developing an SSL/TLS decoder device, which decrypts a secure stream, allowing other devices to monitor clear application data. This can take place unobtrusively on the host where the SSL/TLS server is running, thereby minimizing the security exposure.

Given the utility this could offer network and payments operators, we shall make this functionality available in standalone utility in the future.